package com.dsz.apiinterface.controller;

import com.dsz.apiinterface.model.User;
import com.dsz.apiinterface.utils.SignUtil;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

/**
 * @author dushangzhi
 */
@RestController
@RequestMapping("name")
public class NameController {
    @GetMapping
    public String testGet(String name, HttpServletRequest request) {
        String header = request.getHeader("X-Request-red");
        return String.format("你的名字是：%s", name);
    }

    @PostMapping
    public String testPost(String name) {
        return String.format("POST 你的名字是：" + name);
    }

    @PostMapping("/post")
    public String testPost2(@RequestBody User user, HttpServletRequest request) {
        String accessKey = request.getHeader("accessKey");
        String sign = request.getHeader("sign");
        //随机数和时间戳此处就不校验了
        String body = request.getHeader("body");
        String serverSign = SignUtil.getSign(body, "abcdefg");
        if (!"dsz".equals(accessKey) || !serverSign.equals(sign)) {
            throw new RuntimeException("无权限");
        }
        return String.format("POST 用户名字是：" + user.getUsername());
    }
}
